$ rpki-client -vvf rpki.apnic.net/member_repository/A914DD78/D4E9649C42F811EAB460E93FC4F9AE02/2CAD3A66595911EA80344709C4F9AE02.roa File: 2CAD3A66595911EA80344709C4F9AE02.roa (raw, json) Hash identifier: SjDMXf0lNYFwt4BBzRLFS/hu859BDfy4g/4gUtj/7is= Subject key identifier: 0C:DE:93:69:19:A2:0C:44:BD:7B:97:21:CE:A0:B1:8B:38:91:9C:3C Certificate issuer: /CN=A914DD78/serialNumber=D3C66C26A9FD1B9E7C455BDDB35159688D0140FE Certificate serial: 0BC9 Authority key identifier: D3:C6:6C:26:A9:FD:1B:9E:7C:45:5B:DD:B3:51:59:68:8D:01:40:FE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/08ZsJqn9G558RVvds1FZaI0BQP4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914DD78/D4E9649C42F811EAB460E93FC4F9AE02/2CAD3A66595911EA80344709C4F9AE02.roa Signing time: Sun 01 Mar 2026 13:58:36 +0000 ROA not before: Fri 02 May 2025 20:00:13 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 58869 IP address blocks: 103.248.128.0/22 maxlen: 22 103.248.128.0/24 maxlen: 24 2001:df5::/48 maxlen: 48 2403:5f40:1::/48 maxlen: 48 2403:5f40:4::/48 maxlen: 48 2403:5f40:a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914DD78/D4E9649C42F811EAB460E93FC4F9AE02/08ZsJqn9G558RVvds1FZaI0BQP4.crl rsync://rpki.apnic.net/member_repository/A914DD78/D4E9649C42F811EAB460E93FC4F9AE02/08ZsJqn9G558RVvds1FZaI0BQP4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/08ZsJqn9G558RVvds1FZaI0BQP4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 18:51:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3017 (0xbc9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914DD78, serialNumber=D3C66C26A9FD1B9E7C455BDDB35159688D0140FE Validity Not Before: May 2 20:00:13 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a4460c-63c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:09:73:8a:fb:6a:48:52:6a:f6:c8:cc:a4:a4: 97:35:14:cd:6b:2e:5c:02:9a:47:59:88:ee:d6:95: ca:88:1b:27:48:8c:bb:ae:3d:80:f4:74:7e:5f:29: bb:9b:87:07:22:9a:46:a3:c0:3e:94:3e:56:4b:1c: 94:ce:87:d9:49:f1:67:dd:26:1b:0e:93:6c:af:56: 07:54:02:3c:51:51:2a:53:d9:10:9e:ba:31:9c:15: e8:2d:e5:31:73:87:56:42:51:93:e9:8e:ba:f8:2b: 9f:30:9f:c3:ca:76:8d:9d:3d:7f:59:1c:0d:55:0a: fa:7e:3c:60:73:5d:2b:7f:a4:0a:13:b4:87:98:99: b0:0a:bb:22:ef:99:89:72:59:77:18:9b:2b:4c:ef: 0b:bc:0d:e4:ae:54:d6:62:22:0f:7b:8c:b3:85:60: 86:c8:f9:35:81:e8:b3:97:20:b8:d1:bb:14:ec:24: 75:40:16:07:2d:c9:a2:a0:80:c0:44:b0:fd:f9:b1: 71:1a:2b:bd:91:29:c4:4a:3b:09:64:3b:47:79:10: 35:22:ad:51:19:c6:19:77:92:31:25:30:84:b9:54: 84:b2:d4:5e:27:14:c9:9d:7d:3f:eb:39:4e:f0:ac: f6:a7:3a:60:4a:79:fd:cb:97:3d:13:6c:ff:e3:da: e0:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:DE:93:69:19:A2:0C:44:BD:7B:97:21:CE:A0:B1:8B:38:91:9C:3C X509v3 Authority Key Identifier: keyid:D3:C6:6C:26:A9:FD:1B:9E:7C:45:5B:DD:B3:51:59:68:8D:01:40:FE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914DD78/D4E9649C42F811EAB460E93FC4F9AE02/08ZsJqn9G558RVvds1FZaI0BQP4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/08ZsJqn9G558RVvds1FZaI0BQP4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914DD78/D4E9649C42F811EAB460E93FC4F9AE02/2CAD3A66595911EA80344709C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.248.128.0/22 IPv6: 2001:df5::/48 2403:5f40:1::/48 2403:5f40:4::/48 2403:5f40:a::/48 Signature Algorithm: sha256WithRSAEncryption 92:d9:44:54:ef:58:5a:9c:47:7c:cb:22:c2:d2:c9:25:dd:08: c6:80:fb:80:68:5a:d2:a0:cb:a6:f4:3e:ed:97:56:42:1e:fd: 91:0e:47:7a:0b:48:8b:06:97:69:49:87:3a:a6:1e:fa:f8:d6: 1f:20:02:e6:83:20:34:e7:57:54:1b:d1:a0:72:f5:ee:07:b8: 19:3f:43:df:f3:cc:50:f1:e9:16:42:5a:55:9d:8e:c3:04:3e: a2:ea:01:ec:73:d6:4c:a3:98:53:68:ef:0d:32:29:8c:c9:34: 34:24:df:b9:42:20:39:af:f7:6f:00:1f:6c:c6:e9:6b:ec:f8: 2e:39:90:a0:34:aa:ef:8a:fe:31:c7:2a:04:27:79:62:17:bd: 33:a7:ee:ab:28:61:0a:f3:fe:0f:4c:1c:02:56:d6:ce:43:39: f8:9f:64:f7:6a:9f:8d:23:47:db:11:30:c0:c7:e9:6c:01:37: 6e:35:b8:bd:de:bc:ab:91:49:df:6b:ee:17:db:dc:b6:1a:ea: b8:4e:2e:38:21:2f:d7:b1:76:c9:f7:36:30:62:f7:a8:73:55: 50:ae:98:bf:42:53:53:c8:91:46:69:b8:88:22:23:60:fb:41: a4:3f:9d:2e:e6:f1:40:9f:65:d6:70:d2:33:ef:c1:f8:4b:29: ac:33:76:91 -----BEGIN CERTIFICATE----- MIIFaDCCBFCgAwIBAgICC8kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NERENzgxMTAvBgNVBAUTKEQzQzY2QzI2QTlGRDFCOUU3QzQ1NUJEREIzNTE1OTY4 OEQwMTQwRkUwHhcNMjUwNTAyMjAwMDEzWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDYwYy02M2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4AlzivtqSFJq9sjMpKSXNRTNay5cAppHWYju1pXKiBsnSIy7rj2A9HR+Xym7 m4cHIppGo8A+lD5WSxyUzofZSfFn3SYbDpNsr1YHVAI8UVEqU9kQnroxnBXoLeUx c4dWQlGT6Y66+CufMJ/DynaNnT1/WRwNVQr6fjxgc10rf6QKE7SHmJmwCrsi75mJ cll3GJsrTO8LvA3krlTWYiIPe4yzhWCGyPk1geizlyC40bsU7CR1QBYHLcmioIDA RLD9+bFxGiu9kSnESjsJZDtHeRA1Iq1RGcYZd5IxJTCEuVSEstReJxTJnX0/6zlO 8Kz2pzpgSnn9y5c9E2z/49rg0QIDAQABo4ICjDCCAogwHQYDVR0OBBYEFAzek2kZ ogxEvXuXIc6gsYs4kZw8MB8GA1UdIwQYMBaAFNPGbCap/RuefEVb3bNRWWiNAUD+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0REQ3OC9ENEU5NjQ5QzQy RjgxMUVBQjQ2MEU5M0ZDNEY5QUUwMi8wOFpzSnFuOUc1NThSVnZkczFGWmFJMEJR UDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzA4WnNKcW45RzU1OFJWdmRzMUZaYUkwQlFQNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NERENzgvRDRFOTY0OUM0MkY4MTFFQUI0NjBFOTNGQzRGOUFFMDIvMkNBRDNBNjY1 OTU5MTFFQTgwMzQ0NzA5QzRGOUFFMDIucm9hMEsGCCsGAQUFBwEHAQH/BDwwOjAM BAIAATAGAwQCZ/iAMCoEAgACMCQDBwAgAQ31AAADBwAkA19AAAEDBwAkA19AAAQD BwAkA19AAAowDQYJKoZIhvcNAQELBQADggEBAJLZRFTvWFqcR3zLIsLSySXdCMaA +4BoWtKgy6b0Pu2XVkIe/ZEOR3oLSIsGl2lJhzqmHvr41h8gAuaDIDTnV1Qb0aBy 9e4HuBk/Q9/zzFDx6RZCWlWdjsMEPqLqAexz1kyjmFNo7w0yKYzJNDQk37lCIDmv 928AH2zG6Wvs+C45kKA0qu+K/jHHKgQneWIXvTOn7qsoYQrz/g9MHAJW1s5DOfif ZPdqn40jR9sRMMDH6WwBN241uL3evKuRSd9r7hfb3LYa6rhOLjghL9exdsn3NjBi 96hzVVCumL9CU1PIkUZpuIgiI2D7QaQ/nS7m8UCfZdZw0jPvwfhLKawzdpE= -----END CERTIFICATE-----Generated at Thu Mar 26 16:37:47 2026 by rpki-client